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The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )K Responsive to communication(s) filed on 6-30-2003 . 
2a)K This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quay/e, 1935 CD. 1 1 , 453 O.G. 213. 
Disposition of Claims 

4) ^ Claim(s) 1-26 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) K Claim(s) 1-26 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

1 1) D The proposed drawing correction filed on is: a)D approved b)Q disapproved by the Examiner. 

If approved, corrected drawings are required in reply to this Office action. 

12) D The oath or declaration is objected to by the Examiner. 
Priority under 35 U.S.C. §§119 and 120 

13) Q Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 

a)QAII b)D Some*c)n None of: 

1 .□ Certified copies of the priority documents have been received. 

2.D Certified copies of the priority documents have been received in Application No. . 

3-D Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

14) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 119(e) (to a provisional application). 

a) D The translation of the foreign language provisional application has been received. 

15) ^ Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121. 
Attachment(s) 

1) ^ Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-413) Paper No(s). . 

2) O Notice of Draftsperson's Patent Drawing Review (PTO-948) 5) d Notice of Informal Patent Application (PTO-152) 

3) □ Information Disclosure Statement(s) (PTO-1449) Paper No(s) . 6) □ Other: 
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DETAILED ACTION 


Response to Amendment 


1. v Claims 1-15 were pending in this application. New claims 16-26 have been added y the 
most recent amendment. Claims 1-26 have been examined. 


2. Applicant's arguments filed June 30, 2003 have been fully considered but they are not 
persuasive. 

The Applicant argues in traverse of the rejections of claims 7 and 15 under 35 USC 
102(b) as anticipated by Shewd, US Patent 5,606,668. The applicant asserts that claims 7 and 15 
may be distinguished from the teachings of Shewd since "Shewd is only applicable to the 
inspection of packet level data" and that the applicant's claim recites "intercepting a message" 
and "filtering the message as opposed to applying these operations to individual packets." The 
Examiner counters by noting that all e-mail transmitted across a network such as contemplated 
by the applicant's specification are transmitted in the form of packets and are ultimately operated 
on in that form by any filter. 

The applicant asserts that; "Furthermore, examination of an individual packet of network 
data does not provide sufficient information regarding a message so as to allow Shewd to 
examine content associated with a message as recited by claim 7." Yet a careful reading of 
Shewd at col. 4 lines 15-26 shows that Shewd does contemplate carrying out complex operations 
on a packet based on content and since e-mail messages are comprised of packets, content 
associated with a packet will also be associated with the e-mail message of which it is a part. The 
applicant asserts that the method of Shewd may be distinguished from claims 7 and 15 since: 
".. .Shewd cannot examine the contents of an entire message by only having data associated with 
a single packet." Yet nowhere in claims 7 or 15 is language found mandating examination of an 
entire e-mail message. Claims 7 and 15 only mandate: ".. .filtering the message by examining 
content associated with the message. . ." The method of Shewd in fact does this where 
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information is extracted from a packet of data and evaluated based upon a security rule. 
Additionally, the Examiner counters by noting that the prior art does teach examining an email 
message by examining a single packet. The Applicant's attention is called to Schutzman et al. 
US Patent 5,627,764, where in col. 10 lines 43-60 Schultzman teaches examination of a message 
comprised of a single packet. Schutzman '764 is presented herein only as an illustrative example 
of the usage of this terminology by those of ordinary skill in the art. It is not a new reference 
cited in any rejection and therefore does not constitute new prior art applied in the rejections of 
the claims and does not constitute any new grounds of rejection. 

The Applicant asserts, on page 8 of the amendment, that Shewd does not allow for 
examining a message body, or inspect a message, but only a packet of data. Yet the applicant's 
claims 7 and 15 do not teach these features. Claims 7 and 15 only teach filtering the message by 
examining content associated with the message. Again, Shewd does this by examining data 
packets for information i.e., content associated with the message. Shewd teaches blocking an 
entire message in col. 9 and 10 where disallowing a Telnet communication is taught. 

The Applicant asserts that Shewd is not capable of applying a routing policy to a message 
since it operates on individual packets. Yet such is taught by Shewd in for example Fig. 3A 
where a Graphical User Interface for applying routing security policies amongst other features is 
taught. 

The Applicant argues on page 9 of the amendment that the teachings of Shewd may be 
distinguished from the instant invention since ". . .there is a fundamental difference between 
operation on the packet level and operation at the application level." Yet such language 
specifying operation at the application level is not found in claims 7 or 15. 

The applicant argues in traverse of the rejection of Claim 6 under 35 USC 103(a) by 
noting that Landfield does not teach the features of intercepting a message by a second e-mail 
firewall, decoding the message at the second firewall, and allowing the message to proceed to the 
recipient. A careful reading of the previous Office Action in the case shows that, on page 4 of the 
Action, Landfield was not used to teach the encoding-decoding of the message at the first and 
second firewalls using a private key of the second firewall. Instead, Schneier, Applied 
Cryptography 2 nd Ed. Pages 31-33 and 185-187 was used to teach these features. 


1 
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On page 9 of the Amendment, the Applicant attempts to distinguish the feature of the 
instant invention from the teaching of Landfield by noting that Landfield fails to teach use of an 
encryption key of an e-mail firewall of a recipient. The Examiner counters by noting again that it 
was the Schneier reference that was used to teach this feature. 

The Applicant traverses the taking of Official Notice in the rejection of the claims stating 
that: "Applicants further disagree with the Office Action that the use of a public and private key 
pair for encryption and decryption of user messages by an e-mail firewall, which is outside the 
user control, is old and well known." The previous Office Action did not incorporate the feature 
of ". . .outside the user control" into the features of which Official Notice was taken, nor is such 
language found in claim 1. However, the Applicant's attention is now called to US Patent 
5,416,842 to Aziz, where the use of a public-private key pair in e-mail firewalls is taught for 
example, in the abstract section. In this system of Aziz, the public-private key pairs are 
associated with the firewalls (FWA and FWB) and not individual users. 

Claim Rejections - 35 (JSC §102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A pen on shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed pubKcation in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

4. Claims 7, 15-20, and 22-24 are rejected under 35 U.S.C. 102(b) as being clearly anticipated 
by Shewd, US Patent 5,606,668. 

As per claim 7, Shewd teaches a method for controlling e-mail message transmission across 
an e-mail firewall, the e-mail firewall interposed between an internal network and an external 
network (abstract), the method comprising: intercepting a message from a sender user associated 
with the internal network, the message directed to a recipient user associated with an external 
network; filtering the message by examining content associated with the message by employing user 
defined content filter conditions of the e-mail firewall to provide a filtering result; and restricting the 
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transmission of the message in accordance with said results of said filtering (col. 1 lines 59-67 and 
col. 2 lines 1-60). 

As per claim 15, Shewd teaches restricting the transmission includes routing the message in 
accordance with user defined routing policies (fig. 3 A "Destination" column definitions of Graphical 
User Interface). 

As per claims 16-18, and 23, Shewd teaches an e-mail control system for filtering e-mail 
communication transmitted to or from an internal site to or from a plurality of external sites, the 
e-mail control system interposed between a public network and a private network associated with 
said internal site (abstract), the e-mail control system comprising: a policy manager (abstract, fig.3A, col. 2 lin 
the policy manager intercepting an e-mail message transmitted from a user associated with said 
internal site to at least one user associated with said external site, the policy manager applying at 
least one policy to an intercepted e-mail message by reference to properties of the intercepted email 
message (abstract, fig. 3 A, fig. 4 items 404-412, fig. 5 items 524, 532, 526, col. 2 lines 1-5); and a security ma 
coupled to the policy manager, the security manager adapted to process said intercepted e-mail 
message in accordance with policy results received from said policy manager, the security 
manager facilitating the transmission of said e-mail message to the user associated with said 
external site in response to predetermined policy results from said policy manager (abstract, fig. 
3A, fig. 5 items 522, 524, 532, 534, 508). Shewd teaches intercepting an e-mail message 
transmitted between an internal site and an external site, the intercepting comprising suspending 
a transmission flow of said e-mail message between said internal site and said external site (col. 
7 lines 1-20). 

As per claims 19, 20, 22, and 24 Shewd teaches the method of Claim 18, wherein said policy 
refers to a sender address or a recipient address, found in the header of email messages (col. 4 lines 43-67, 
col. 6 lines 7-35, and col. 12 claim 12). 
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Claim Rejections - 35 USC§103 


5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 
102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the 
subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary 
skill in the art to which said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

6. Claims 1-6, 25, and 26 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Landfield, US Patent 5,632,01 1, Bruce Schneier: Applied cryptography 2nd Edition, Oct. 1995, John 
Wiley & Sons Pub. and Official Notice taken as detailed below. 

As per claim 1, Landfield teaches a method for transmitting a message between a sender 
user associated with a first email firewall and a recipient user associated with a second e-mail 
firewall, the method comprising: intercepting a message from the sender user intended for the 
recipient user (abstract); searching an encryption directory for an entry associated with the second e- 
mail firewall associate(d) with the recipient user (col. 4 lines 25-45); retrieving an encryption key 
associated with the second e-mail firewall, the second firewall associated with a plurality of recipient 
users; encoding the message and allowing the message to proceed through the 
firewall (fig 2a, b, c) to the recipient user. Landfield does not explicitly teach encrypting with an 
encryption key associated with the second e-mail firewall to provide an encrypted message, however 
Official Notice may be taken that such a step is old and well known in the art of public key 
cryptosystems for example. Therefore it would have been obvious to one of ordinary skill in the 
art at the time of the invention to incorporate this feature into the system of Landfield. It would 
be desirable to do so as this would increase the security of the communications system. 

As per claim 2, Landfield does not explicitly teach encoding the message is by employing an 
encryption key that is stored locally by the first e-mail firewall however such is taught implicitly by 
fig. 2c items 52 and 54 where a message is received in encrypted form. 
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As per claims 3 -5, Landfield does not teach encoding the message is by employing an 
encryption key that is retrieved from an external server over a secure data link that employs a locally 
stored encryption key associated with the external server. However Schneier teaches such, pages 
185-187: "Public Key Management" Therefore it would have been obvious to one of ordinary skill in 
the art at the time of the invention to incorporate this feature of Schneier into the system of 
Landfield. It would have been desirable to do so as this would decrease storage overhead at the 
firewall. 

As per claims 6, 25, and 26, Landfield teaches a method for receiving a message from a 
sender user associated with a first e-mail firewall by a recipient user associated with a second e-mail 
firewall, and ultimately allowing the message to proceed through the firewall to the recipient user, 
but does not teach the first e-mail firewall encoding the message by using an encryption key of the 
second e-mail firewall, comprising: intercepting the message; by the second e-mail firewall; 
decoding the message with a private key of the second e-mail firewall. Schneier does teach these 
steps at pages 31-33 and 185-187. Therefore it would have been obvious to one of ordinary skill in 
the art at the time of the invention to incorporate this feature of Schneier into the system of 
Landfield. It would have been desirable to do so as this would decrease storage overhead at the 
firewall. 

7. Claims 8-14, and 21 are rejected under 35 U.S.C. 103(a) as being unpatentable over Shewd 
as applied to claim 7 and 18 above, and further in view of Landfield, Hershey et al., US Patent 
5,414,833 and Official Notice taken as detailed below. 

As per claims 8-10, and 21 Shewd does not teach said filtering is by parsing the text of the 
message in accordance with said filter conditions, or said parsing of text is by searching for keywords 
in the text, or said parsing of text is by searching for word patterns in the text. Hershey does teach 
such parsing operations (abstract, col. 2 lines 55-68, col 6 lines 1-44, and col. 5 lines 20-51). 
Therefore it would have been obvious to one of ordinary skill in the art at the time of the invention to 
incorporate these features into the system of Shewd. It would have been desirable to do so as this 
would increase the security of the e-mail messaging system. 
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As per claim 11, Shewd does not explicitly teach said filter conditions employ Boolean 
expressions, however Official Notice may be taken that such filtering via Boolean logic is old and 
well known in the art. Therefore it would have been obvious to one of ordinary skill in the art at the 
time of the invention to incorporate these features into the system of Shewd. It would have been 
desirable to do so as this would increase the security of the e-mail messaging system. 

As per claim 12, Shewd does not teach said filtering conditions include rejecting all executable 
attachments, however Landfield does teach this (col. 51-60). Therefore it would have been obvious to 
one of ordinary skill in the art at the time of the invention to incorporate these features into the 
system of Shewd. It would have been desirable to do so as this would increase the security of the 
e-mail messaging system. 

As per claims 13 and 14, Shewd teaches said filtering conditions include requiring executable 
attachments to include digital signatures and filtering based on reference to a directory of trusted 
signatures (fig. 3A "Trusted Parties"). 

Conclusion 

8. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 
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9. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Paul E. Callahan whose telephone number is (703) 305-1336. 
The examiner can normally be reached on M-F from 9 to 5. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Greg Morse, can be reached on (703) 308-4789. The fax phone number for the 
organization where this application or proceeding is assigned is: (703) 872-9306. Any inquiry of 
a general nature or relating to the status of this application or proceeding should be directed to 
the receptionist whose telephone number is (703) 305-3900. 

9/15/03 
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